Page 5 of 66 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class. ext/standard/var_unserializer.c en PHP 5.x hasta la versión 7.1.24 permite que los atacantes provoquen una denegación de servicio (cierre inesperado de la aplicación) mediante una llamada unserialize para las clases com, dotnet o variant. • http://www.securityfocus.com/bid/105989 https://bugs.php.net/bug.php?id=77177 https://security.netapp.com/advisory/ntap-20181221-0005 • CWE-502: Deserialization of Untrusted Data •

CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 1

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c. El componente Apache2 en PHP en versiones anteriores a la 5.6.38, versiones 7.0.x anteriores a la 7.0.32, versiones 7.1.x anteriores a la 7.1.22 y versiones 7.2.x anteriores a la 7.2.10 permite Cross-Site Scripting (XSS) mediante el cuerpo de una petición "Transfer-Encoding: chunked". Esto se debe a que bucket brigade se gestiona de manera incorrecta en la función php_handler en sapi apache2handler sapi_apache2.c. A cross-site scripting (XSS) vulnerability in Apache2 component of PHP was found. When using 'Transfer-Encoding: chunked', the request allows remote attackers to potentially run a malicious script in a victim's browser. • http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php https://access.redhat.com/errata/RHSA-2019:2519 https://bugs.php.net/bug.php?id=76582 https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html https://security.gentoo.org/glsa/201812-01 https://security.netapp.com/advisory/ntap-20180924-0001 https://www.debian.org/security/2018/dsa-4353 https://www.tenable.com/security/tns • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1

An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories. Se ha descubierto un problema en ext/standard/link_win32.c en PHP en versiones anteriores a la 5.6.37, versiones 7.0.x anteriores a la 7.0.31, versiones 7.1.x anteriores a la 7.1.20 y versiones 7.2.x anteriores a la 7.2.8. La función linkinfo en Windows no implementa la comprobación open_basedir. • http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php https://bugs.php.net/bug.php?id=76459 https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4 https://security.netapp.com/advisory/ntap-20181107-0003 https://www.tenable.com/security/tns-2018-12 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1

An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c. Se ha descubierto un problema en PHP en versiones anteriores a la 5.6.37, versiones 7.0.x anteriores a la 7.0.31, versiones 7.1.x anteriores a la 7.1.20 y versiones 7.2.x anteriores a la 7.2.8. Un desbordamiento de enteros conduce a una sobrelectura de búfer basada en memoria dinámica (heap) en exif_thumbnail_extract en exif.c. • http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://www.securityfocus.com/bid/104871 https://bugs.php.net/bug.php?id=76423 https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html https://security.netapp.com/advisory/ntap-20181107-0003 https://usn.ubuntu.com/3766-1 https://usn.ubuntu.com/3766-2 https://www.debian.org/security/2018/dsa-4353 https://www.tenable.com/security/tns-2018-12 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1

An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value that is mishandled in an atoi call. Se ha descubierto un problema en PHP en versiones 7.0.x anteriores a la 7.0.27, versiones 7.1.x anteriores a la 7.1.13 y versiones 7.2.x anteriores a la 7.2.1. El análisis inadecuado de una respuesta HTTP conduce a un fallo de segmentación debido a que http_header_value en ext/standard/http_fopen_wrapper.c puede ser un valor NULL que se gestiona erróneamente en una llamada atoi. • http://php.net/ChangeLog-7.php https://access.redhat.com/errata/RHSA-2019:2519 https://bugs.php.net/bug.php?id=75535 https://security.netapp.com/advisory/ntap-20181107-0003 https://access.redhat.com/security/cve/CVE-2018-14884 https://bugzilla.redhat.com/show_bug.cgi?id=1612362 • CWE-476: NULL Pointer Dereference CWE-665: Improper Initialization •